OpenVPN Security Setting Breach

Hi to everybody.
I have a question. In the past days I have called a test for my security connection with my IPFire firewall.

The report found these potential vulnerabilities:

OpenVPN Same Client Certificate Denial of Service Vulnerability (POTENZIAL) 38465
OpenVPN MAC Address Spoofing Denial of Service Vulnerability (POTENZIAL) 38464
OpenVPN Failed Authentication Denial of Service Vulnerability (POTENZIAL) 38467
OpenVPN Packet Decryption Failure Denial of Service Vulnerability (POTENZIAL) 38463

They tell me to upgrade OpenVPN to version 2.0.1 to resolve all the errors.
But I found that IPFire 2.25.146 has version 2.4.9.

Are there also some settings to set to resolve this?

thanks
Donatello

Hi,

> In the past days I have called a test for my security connection with my IPFire firewall.

Which tool were you using?

> OpenVPN Same Client Certificate Denial of Service Vulnerability (POTENZIAL) 38465
> OpenVPN MAC Address Spoofing Denial of Service Vulnerability (POTENZIAL) 38464
> OpenVPN Failed Authentication Denial of Service Vulnerability (POTENZIAL) 38467
> OpenVPN Packet Decryption Failure Denial of Service Vulnerability (POTENZIAL) 38463

Do you happen to have further information regarding them (CVE entries, or similar)?

> Are there also some settings to set to resolve this?

What do you mean by that?

Thanks, and best regards,
Peter Müller

Hi

They have used Nmap, Qualys VM and Nessus.

The CVEs are: CVE-2005-2534, CVE-2005-2533 and CVE-2005-2531

Is it a false positive, or must I change some setting in IPFire OpenVPN?

thanks
Donatello

Hi all,

This should have been fixed a long time ago with version → 2005.08.16 – Version 2.0.1 → Changelog For OpenVPN 2.1 | OpenVPN, or check the CVEs for affected products →
CVE-2005-2531 : OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL err
CVE-2005-2534 : Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of
CVE-2005-2533 : OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a d

Best,

Erik

1 Like
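
One way to check such scanner findings against the installed system, as an added example that is not part of any post in this thread: it compares an `openvpn --version` banner with the fixed-in version 2.0.1 and tests the configuration preconditions quoted in the CVE summaries above. The function names, sample banner and sample config are constructed, and mapping "TLS authentication" to the `tls-auth` directive is an assumption.

```python
import re

# Fixed-in version (from the thread); 4th field: 0 = pre-release, 1 = final.
FIXED_IN = (2, 0, 1, 1)
# Preconditions as worded in the CVE summaries quoted in the thread.
PRECONDITIONS = {
    # Assumption: "TLS authentication" means the tls-auth directive.
    "CVE-2005-2531": lambda c: c.get("verb") == "0" and "tls-auth" not in c,
    "CVE-2005-2534": lambda c: "duplicate-cn" not in c,
    "CVE-2005-2533": lambda c: c.get("dev", "").startswith("tap"),
}

def parse_version(banner):
    """Return (major, minor, patch, final) from a version banner, or None."""
    m = re.search(r"OpenVPN\s+(\d+)\.(\d+)(?:\.(\d+))?(_(?:rc|beta)\d*)?", banner)
    if not m:
        return None
    major, minor, patch, pre = m.groups()
    # Assumption: an _rc/_beta build of 2.0.1 is treated as older than 2.0.1.
    return (int(major), int(minor), int(patch or 0), 0 if pre else 1)

def parse_config(text):
    """Map each directive to its first argument ('' for flags); skip comments."""
    directives = {}
    for line in text.splitlines():
        line = re.split(r"[#;]", line, maxsplit=1)[0].strip()
        if line:
            parts = line.split()
            directives[parts[0].lstrip("-")] = parts[1] if len(parts) > 1 else ""
    return directives

def triage(banner, config_text):
    """Return {cve: verdict} for the three CVEs named in the thread."""
    version, config = parse_version(banner), parse_config(config_text)
    result = {}
    for cve, precondition in PRECONDITIONS.items():
        if version is None:
            result[cve] = "unknown version: check manually"
        elif version >= FIXED_IN:
            result[cve] = "not affected (fixed in 2.0.1)"
        elif precondition(config):
            result[cve] = "affected"
        else:
            result[cve] = "vulnerable version, precondition absent"
    return result

# Constructed sample inputs (not taken from a real system).
BANNER = "OpenVPN 2.4.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]"
CONFIG = "dev tun\nproto udp\nverb 3\n# duplicate-cn\n"
if __name__ == "__main__":
    for cve, verdict in triage(BANNER, CONFIG).items():
        print(cve, "->", verdict)
```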

Hi, I think it’s a false positive.

Thanks.
Best regards
Donatello

I suggest changing the topic name…
Anyway, @donatellogiraudo, maybe you can say to them “try to exploit the vulnerabilities”.